Skip to content

Commit

Permalink
install certificate for Java needed by Android
Browse files Browse the repository at this point in the history
  • Loading branch information
@bebstein-pass
bebstein-pass committed Jan 8, 2025
1 parent d87f4cb commit 7838189
Show file tree
Hide file tree
Showing 2 changed files with 73 additions and 0 deletions.
7 changes: 7 additions & 0 deletions doc/installation/Android.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,13 @@ Then open the Android Virtual Devices Manager and select (or create) a Virtual D
keyPassword=
```

### Install

```sh
./scripts/install_certificate_java.sh # this script ask root password
direnv reload
```

### 🔥 Firebase setup

Download the `google-services.json` file from Keeper and place it inside the `android/app` directory. You can also download this file from the Firebase console.
Expand Down
66 changes: 66 additions & 0 deletions scripts/install_certificate_java.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,66 @@
#!/usr/bin/env bash
set -o errexit -o nounset -o pipefail

SSL_CERT_FILE="$(realpath '/Library/Application Support'/*/*/data/*cacert.pem 2>/dev/null || true)"

SCRIPT_FOLDER="$(dirname "$(realpath "$0")")"

remove_certificate_bundle_safe() {
if [ -f "$SSL_CERT_BUNDLE_FILE" ]; then
sudo rm "$SSL_CERT_BUNDLE_FILE"
fi
}

has_certificate() {
echo "${KEYTOOL_PASSWORD}" |
sudo keytool -cacerts -list -alias "mykey"
}

remove_certificate() {
echo "${KEYTOOL_PASSWORD}" |
sudo keytool -delete -cacerts -alias "mykey" >/dev/null
}

remove_certificate_safe() {
remove_certificate_bundle_safe

if has_certificate; then
remove_certificate
fi
}

add_certificate() {
{
echo "${KEYTOOL_PASSWORD}"
echo "oui"
} |
sudo keytool -import -cacerts -file "$SSL_CERT_BUNDLE_FILE" >/dev/null
}

add_certificate_safe() {
if ! has_certificate; then
add_certificate
fi
}

if [ -f "$SSL_CERT_FILE" ]; then
SSL_CERT_DIR="$(dirname "$SSL_CERT_FILE")"
SSL_CERT_TENANT="$(realpath "$SSL_CERT_DIR"/*tenantcert.pem)"
SSL_CERT_BUNDLE_FILE="$SSL_CERT_DIR/cert-bundle.pem"

# remove_certificate_safe # to be able to debug, remove everything done, comment this when not debugging

if "$SCRIPT_FOLDER/is_proxy_enabled.sh"; then
if [ -f "$SSL_CERT_TENANT" ]; then
echo "Adding certificate for proxy in Java's keytool system requires root password"

if [ ! -f "$SSL_CERT_BUNDLE_FILE" ]; then
cat "$SSL_CERT_TENANT" "$SSL_CERT_FILE" | sudo tee "$SSL_CERT_BUNDLE_FILE" >/dev/null
fi

add_certificate_safe
fi
else
remove_certificate_safe
fi
fi

0 comments on commit 7838189

Please sign in to comment.